skip to main | skip to sidebar

Linux Tutorial for Beginners

Pages

  • Home
 
  • RSS
  • Twitter
Wednesday, February 15, 2012

Some important information about Kerberos

Posted by Raju Gupta at 1:12 AM – 0 comments
 

Warning

The Kerberos system can be compromised if a user on the network authenticates against a non Kerberos aware service by transmitting a password in plain text. The use of non-Kerberos aware services is highly discouraged. Such services include Telnet and FTP. The use of other encrypted protocols, such as SSH or SSL-secured services, however, is preferred, although not ideal.

Note
Kerberos depends on the following network services to function correctly.
·         Approximate clock synchronization between the machines on the network. :--  A clock synchronization program should be set up for the network, such as ntpd. Refer to /usr/share/doc/ntp-<version-number>/index.html for details on setting up Network Time Protocol servers (where <version-number> is the version number of the ntp package installed on your system).
·         Domain Name Service (DNS). :--  You should ensure that the DNS entries and hosts on the network are all properly configured. Refer to the Kerberos V5 System Administrator's Guide in /usr/share/doc/krb5-server-<version-number> for more information (where <version-number> is the version number of the krb5-server package installed on your system).

Tip

Administrators should be careful not to allow users to authenticate to most network services using Kerberos passwords. Many protocols used by these services do not encrypt the password before sending it over the network, destroying the benefits of the Kerberos system. For example, users should not be allowed to authenticate to Telnet services with the same password they use for Kerberos authentication.
Labels: Kerberos Email This BlogThis! Share to Twitter Share to Facebook

Leave a Reply

Newer Post Older Post
Subscribe to: Post Comments (Atom)

Our Blogs

  • Java Programs with Output
  • C Programming Tutorial
  • Language Tutorial
  • Android Development Tutorial
  • Web Development Tutorial
  • Popular
  • Recent
  • Archives

Popular Posts

  • How to create limited shell
    We want to limit the activities or command to run for specific user then, how to limit a shell? here are the steps to create limited shel...
  • Apache and SELinux File Labels
    Take a look at the SELinux settings associated with Apache. To review, SELinux settings, as they relate to a service, mostly fall into tw...
  • Advantages & Disadvantages of Kerberos
    Advantages of Kerberos Most conventional network services use password-based authentication schemes. Such schemes require a user to au...
  • Apache Configuration File Security Option
    you’ll examine the security options available in the main Apache configuration file, httpd.conf. That file can be modified to secure the e...
  • AWS VPC Overview
    What is VPC ? A virtual private cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other vir...
  • SSH login without password
    The following steps can be used to ssh from one system to another without specifying a password: 1. On the client run the following com...
  • How to automatically chroot jail selected ssh user logins
    1. Creating basic chroot environment First we need to create a simple chroot environment. Our chroot environment will consist of a bash she...
  • Apache Installation and Configuration through source code
    In this example we extract the source code to a directory under /usr/local/src/ cp httpd-2.0.46.tar.gz /usr/local/src cd /usr/local/src...
  • Tcpdump command with some examples
    To print all packets arriving at or departing from sundown: tcpdump host sundown To print traffic between helios and either hot or ace: ...
  • How to Create the Kerberos database
    Create the database with the following command.  [root@coma ~] kdb5_util create -s This will prompt you for a password. You will ...
Powered by Blogger.

Archives

  • ►  2014 (1)
    • ►  May (1)
  • ►  2013 (4)
    • ►  February (4)
  • ▼  2012 (89)
    • ►  November (1)
    • ►  March (4)
    • ▼  February (36)
      • Why sendmail Is So Complex?
      • Defination of MUA, MTA & MSA (sendmail)
      • Mail Server Basic
      • Configuring a DHCP Client
      • Starting and Stopping the DHCP Server
      • DHCP Lease Database
      • Dhcp configuration file Example
      • Dhcp Configuration file Logic
      • How to install DHCP?
      • What is dhcp ?
      • ls command
      • Some important point about Iptables
      • Explain iptables terminology
      • Iptables
      • How to install PHP on linux system
      • How does LDAP work ?
      • What is LDAP ?
      • How to configure Slave KDC (Backup KDC)
      • How to Create the Kerberos database
      • Edit /var/kerberos/krb5kdc/kadm5.acl & /etc/gssapi...
      • Edit /var/kerberos/krb5kdc/kdc.conf
      • Edit file /etc/krb5.com
      • How to create bridge ?
      • How to explain Webmin?
      • Setup rsync over ssh without password on Linux
      • Linux chkconfig Command Examples
      • How to create limited shell
      • How to Domain-to-Realm Mapping
      • How to configuring a Kerberos 5 Client
      • How to Configuring a Kerberos 5 Server
      • Some important information about Kerberos
      • How Kerberos Works
      • Kerberos Terminology explanation
      • Kerberos and PAM
      • Advantages & Disadvantages of Kerberos
      • What is Kerberos?
    • ►  January (48)
 

Followers

Labels

  • Apache (8)
  • aws (1)
  • Bridge (1)
  • cloud computing (1)
  • Configuration (1)
  • dhcp server (7)
  • DNS (8)
  • File system (11)
  • Fping (1)
  • Iptable basic (3)
  • KDC slave server (1)
  • Kerberos (14)
  • kerberos configuration (5)
  • kerberos database (1)
  • LaTeX (1)
  • Ldap basic (2)
  • Linux aliases (1)
  • Linux Commands (4)
  • Linux History (2)
  • Linux Installation (3)
  • Linux kernel (3)
  • Linux shell (2)
  • Linux software (2)
  • Lvm (1)
  • Mail Server (3)
  • Network Script (1)
  • PHP (1)
  • Raid (6)
  • SELinux (1)
  • Sendmail (3)
  • ssh (2)
  • Tcpdump example (1)
  • Virtualization (5)
  • Webmin (1)
  • Yum (2)
 
 
© 2011 Linux Tutorial for Beginners | Designs by Web2feel & Fab Themes

Bloggerized by DheTemplate.com - Main Blogger